
XEROX WorkCentre 3550 Information Assurance Disclosure Paper, Ver. 1.3, March 2011, Page 13 of 32

2.7. System Software Structure

2.7.1. Open-source components

Open-source components in the connectivity layer implement high-level protocol services.  The security-relevant 
connectivity layer components are:

 

- Apache 2.2.11, with mod_ssl integrated (http and https)
- Apache Xerces2 Java
- Open1x
- OpenSLP
- NetBSD Project
- libupnp
- UUID library
- wpa_supplicant
- ldns
- Info-zip
- TWAIN sample Data Source and Application
- WTL v8.0
- CUPS library
- libjpeg v6b
- libxml2
- Expat XML Parser
- Unicode
- Kerberos 5
- sorttable
- Little CMS v1.15
- +
- CUPS related stuff
- part of linux kernel
- SpiderMonkey Engine
- OpenSSL v0.9.8e
- Open LDAP v2.1.17
- libpng
- zlib v2.4
- libtiff
- tinyxml

2.7.2. OS Layer in the Controller

The OS layer includes the operating system, network and physical I/O drivers.  The controller operating system is 
pSOS v2.5. 

The crypto library for IPSec is provided by the OpenSSL Toolkit.

IP Filtering is also provided as a loadable kernel module. 

 

Contents of WorkCentre 3550

Page 1: ...Xerox WorkCentre 3550 Information Assurance Disclosure Paper Version 1 2 Prepared by Mark Bixler Xerox Corporation 800 Phillips Road Webster New York 14580...
